--- # # Note: the library role 'tomcat' is a dependency # - name: Manage the tomcat main instance when: not tomcat_service_enabled tags: ['tomcat', 'tomcat_instances'] block: - name: Disable the tomcat main instance ansible.builtin.service: name: 'tomcat{{ tomcat_version }}' state: stopped enabled: false - name: Manage the tomcat user and directory tree tags: ['tomcat', 'tomcat_instances'] block: - name: Create a tomcat user for each instance if needed ansible.builtin.user: name: '{{ item.user }}' home: '{{ item.user_home }}' createhome: false shell: "{{ item.user_shell | default('/bin/false') }}" loop: '{{ tomcat_m_instances }}' when: - not tomcat_m_use_default_user | bool - item.user != tomcat_user register: tomcat_first_install - name: Create a global tomcat user if needed ansible.builtin.user: name: '{{ tomcat_m_default_user }}' home: '{{ tomcat_m_instances_base_path }}' createhome: false shell: '{{ tomcat_m_default_user_shell }}' when: - tomcat_m_use_default_user | bool - tomcat_m_default_user != tomcat_user register: tomcat_first_install - name: Create the instances directory trees ansible.builtin.file: dest: '{{ item.0.instance_path }}/{{ item[1] }}' owner: '{{ item.0.user }}' group: '{{ item.0.user }}' mode: "0755" state: directory with_nested: - '{{ tomcat_m_instances }}' - ['common/classes', 'conf/Catalina/localhost', 'conf/policy.d', 'lib', 'server/classes', 'shared/classes', 'webapps', policy] register: tomcat_first_install - name: Create the tomcat logs base directory ansible.builtin.file: dest: '{{ tomcat_m_instances_logdir_base }}' state: directory mode: "0755" tags: ['tomcat', 'tomcat_instances', 'tomcat_log_dir'] - name: Create the instances log dirs ansible.builtin.file: dest: '{{ tomcat_m_instances_logdir_base }}/{{ item.http_port }}' owner: '{{ item.user }}' group: '{{ item.user }}' mode: '0750' state: directory loop: '{{ tomcat_m_instances }}' register: tomcat_first_install when: not tomcat_m_expose_log_directory tags: ['tomcat', 'tomcat_instances', 'tomcat_log_dir'] - name: Create log dirs, readable by the user that runs the http service ansible.builtin.file: dest: '{{ tomcat_m_instances_logdir_base }}/{{ item.http_port }}' owner: '{{ item.user }}' group: 'www-data' mode: '0750' state: directory loop: '{{ tomcat_m_instances }}' register: tomcat_first_install when: tomcat_m_expose_log_directory tags: ['tomcat', 'tomcat_instances', 'tomcat_log_dir'] - name: Create the instances work dirs ansible.builtin.file: dest: '{{ tomcat_m_cache_base }}/{{ item.http_port }}' owner: '{{ item.user }}' group: '{{ item.user }}' mode: "0755" state: directory loop: '{{ tomcat_m_instances }}' register: tomcat_first_install - name: Create links to work dir inside the instances directory tree ansible.builtin.file: src: '{{ tomcat_m_cache_base }}/{{ item.http_port }}' dest: '{{ item.instance_path }}/work' state: link loop: '{{ tomcat_m_instances }}' register: tomcat_first_install - name: Create links to log dir inside the instances directory tree ansible.builtin.file: src: '{{ tomcat_m_instances_logdir_base }}/{{ item.http_port }}' dest: '{{ item.instance_path }}/logs' state: link loop: '{{ tomcat_m_instances }}' register: tomcat_first_install - name: Create the catalina tmp directory ansible.builtin.file: dest: '{{ item.catalina_tmp_directory }}' state: directory owner: '{{ item.user }}' group: '{{ item.user }}' mode: "0700" loop: '{{ tomcat_m_instances }}' when: item.catalina_tmp_directory is defined - name: Populate the instances conf directory ansible.builtin.copy: src: "{{ item[1] }}" dest: "{{ item.0.instance_path }}/conf/{{ item[1] }}" owner: "{{ item.0.user }}" group: "{{ item.0.user }}" mode: "0640" with_nested: - '{{ tomcat_m_instances }}' - ['context.xml'] notify: tomcat multiple-instances restart tags: ['tomcat', 'tomcat_instances'] - name: Install catalina.properties ansible.builtin.template: src: "{{ item[1] }}.j2" dest: "{{ item.0.instance_path }}/conf/{{ item[1] }}" owner: "{{ item.0.user }}" group: "{{ item.0.user }}" mode: "0640" with_nested: - '{{ tomcat_m_instances }}' - ['catalina.properties'] notify: tomcat multiple-instances restart tags: ['tomcat', 'tomcat_instances', 'tomcat_catalina_properties'] - name: Populate the instances conf/policy.d directory ansible.builtin.copy: src: "policy.d/{{ item[1] }}" dest: "{{ item.0.instance_path }}/conf/policy.d/{{ item[1] }}" owner: "{{ item.0.user }}" group: "{{ item.0.user }}" mode: "0640" with_nested: - '{{ tomcat_m_instances }}' - ['01system.policy', '02debian.policy', '03catalina.policy', '04webapps.policy', '50local.policy'] notify: tomcat multiple-instances restart tags: ['tomcat', 'tomcat_instances'] - name: Install logging.properties if we do not use log4j for the tomcat logging ansible.builtin.copy: src: "{{ item[1] }}" dest: "{{ item.0.instance_path }}/conf/{{ item[1] }}" owner: "{{ item.0.user }}" group: "{{ item.0.user }}" mode: "0640" with_nested: - '{{ tomcat_m_instances }}' - ['logging.properties'] when: - tomcat_use_log4j is defined - not tomcat_use_log4j | bool notify: tomcat multiple-instances restart tags: ['tomcat', 'tomcat_instances'] - name: Install the server.xml conf file ansible.builtin.template: src: tomcat-server.xml.j2 dest: "{{ item.instance_path }}/conf/server.xml" owner: "{{ item.user }}" group: "{{ item.user }}" mode: "0640" loop: '{{ tomcat_m_instances }}' notify: tomcat multiple-instances restart tags: ['tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_serverxml'] - name: Install the web.xml file ansible.builtin.template: src: tomcat-web.xml.j2 dest: "{{ item.instance_path }}/conf/web.xml" owner: "{{ item.user }}" group: "{{ item.user }}" mode: "0640" with_items: '{{ tomcat_m_instances }}' notify: tomcat multiple-instances restart tags: ['tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_serverxml'] - name: Install the tomcat-admin package if the host-manager or manager apps are required ansible.builtin.apt: pkg: "tomcat{{ tomcat_version }}-admin" state: "{{ tomcat_pkg_state }}" cache_valid_time: 1800 when: tomcat_m_host_manager_install | bool or tomcat_m_manager_install | bool tags: ['tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_host_manager', 'tomcat_manager'] - name: Install the catalina configuration for the tomcat manager ansible.builtin.template: src: tomcat-manager.xml.j2 dest: "{{ item.instance_path }}/conf/Catalina/localhost/manager.xml" owner: "{{ item.user }}" group: "{{ item.user }}" mode: "0640" loop: '{{ tomcat_m_instances }}' when: tomcat_m_manager_install | bool notify: tomcat multiple-instances restart tags: ['tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_manager'] - name: Install the catalina configuration for the tomcat host manager ansible.builtin.template: src: tomcat-host-manager.xml.j2 dest: "{{ item.instance_path }}/conf/Catalina/localhost/host-manager.xml" owner: "{{ item.user }}" group: "{{ item.user }}" mode: "0640" loop: '{{ tomcat_m_instances }}' when: tomcat_m_host_manager_install | bool notify: tomcat multiple-instances restart tags: ['tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_host_manager'] - name: Install the catalina configuration for the tomcat manager ansible.builtin.template: src: tomcat-users.xml.j2 dest: "{{ item.instance_path }}/conf/tomcat-users.xml" owner: "{{ item.user }}" group: "{{ item.user }}" mode: "0640" loop: '{{ tomcat_m_instances }}' notify: tomcat multiple-instances restart tags: ['tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_host_manager', 'tomcat_manager'] - name: Install the instances SYSV startup scripts ansible.builtin.template: src: tomcat-instance.init.j2 dest: "/etc/init.d/tomcat-instance-{{ item.http_port }}" mode: "0755" owner: root group: root loop: '{{ tomcat_m_instances }}' when: not tomcat_use_systemd_unit register: reload_systemd tags: ['tomcat', 'tomcat_instances', 'tomcat_init'] - name: Remove the instances SYSV startup scripts when we prefer the systemd unit ansible.builtin.file: dest: "/etc/init.d/tomcat-instance-{{ item.http_port }}" state: absent loop: '{{ tomcat_m_instances }}' when: tomcat_use_systemd_unit tags: ['tomcat', 'tomcat_instances', 'tomcat_init'] - name: Check if /usr/lib/systemd/system exists ansible.builtin.stat: path: /usr/lib/systemd/system register: systemd_system_path tags: ['tomcat', 'tomcat_instances', 'tomcat_init'] - name: Define the installation path of the systemd unit ansible.builtin.set_fact: systemd_unit_dest_dir: '{% if systemd_system_path.stat.exists %}/usr/lib/systemd/system{% else %}/etc/systemd/system{% endif %}' tags: ['tomcat', 'tomcat_instances', 'tomcat_init'] - name: Install the instances systemd unit ansible.builtin.template: src: tomcat-service.j2 dest: "{{ systemd_unit_dest_dir }}/tomcat-instance-{{ item.http_port }}.service" mode: "0644" owner: root group: root loop: '{{ tomcat_m_instances }}' when: tomcat_use_systemd_unit register: reload_systemd notify: tomcat multiple-instances restart tags: ['tomcat', 'tomcat_instances', 'tomcat_init'] - name: Reload the systemd daemon if we are running on a systemd-backed server ansible.builtin.systemd: daemon-reload: true when: reload_systemd tags: ['tomcat', 'tomcat_instances', 'tomcat_init'] - name: Install the helper script used by the systemd unit ansible.builtin.template: src: tomcat-start.sh.j2 dest: "/usr/libexec/tomcat{{ tomcat_version }}/tomcat-instance-{{ item.http_port }}-start.sh" mode: "0755" owner: root group: root loop: '{{ tomcat_m_instances }}' when: tomcat_use_systemd_unit notify: tomcat multiple-instances restart tags: ['tomcat', 'tomcat_instances', 'tomcat_init'] - name: Install the debug conf used by the systemd unit ansible.builtin.template: src: tomcat-debug.conf.j2 dest: "/etc/systemd/system/tomcat-instance-{{ item.http_port }}.service.d/debug.conf.disabled" mode: "0644" owner: root group: root loop: '{{ tomcat_m_instances }}' when: tomcat_use_systemd_unit notify: tomcat multiple-instances restart tags: ['tomcat', 'tomcat_instances', 'tomcat_init'] - name: Install the tomcat instances default file ansible.builtin.template: src: tomcat-default.j2 dest: "/etc/default/tomcat-instance-{{ item.http_port }}" mode: "0640" owner: root group: "{{ item.user }}" loop: '{{ tomcat_m_instances }}' notify: tomcat multiple-instances restart tags: ['tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_default', 'jdk', 'tomcat_init'] - name: Install a custom context.xml file ansible.builtin.template: src: tomcat-context.xml.j2 dest: "{{ item.instance_path }}/conf/context.xml" owner: "{{ item.user }}" group: "{{ item.user }}" mode: "0640" loop: '{{ tomcat_m_instances }}' notify: tomcat multiple-instances restart when: tomcat_m_jndi_pool | bool tags: ['tomcat', 'tomcat_instances', 'tomcat_conf', 'tomcat_contextxml', 'jdk'] - name: Install a logrotate entry for the access log file ansible.builtin.template: src: tomcat.logrotate.j2 dest: "/etc/logrotate.d/tomcat_instance-{{ item.http_port }}" owner: root group: root mode: "0644" loop: '{{ tomcat_m_instances }}' tags: ['tomcat', 'tomcat_instances', 'tomcat_conf'] - name: Install the jmx authorization file ansible.builtin.template: src: jmxremote.passwd.j2 dest: "{{ item.instance_path }}/conf/jmxremote.passwd" owner: "{{ item.user }}" group: "{{ item.user }}" mode: "0600" loop: '{{ tomcat_m_instances }}' when: - item.jmx_enabled is defined - item.jmx_auth_enabled is defined - item.jmx_enabled | bool - item.jmx_auth_enabled | bool notify: tomcat multiple-instances restart tags: ['tomcat', 'tomcat_instances', 'tomcat_jmx'] - name: Install the jmx role file ansible.builtin.copy: src: jmxremote.access dest: "{{ item.instance_path }}/conf/jmxremote.access" owner: "{{ item.user }}" group: "{{ item.user }}" mode: "0644" loop: '{{ tomcat_m_instances }}' when: - item.jmx_enabled is defined - item.jmx_auth_enabled is defined - item.jmx_enabled | bool - item.jmx_auth_enabled | bool notify: tomcat multiple-instances restart tags: ['tomcat', 'tomcat_instances', 'tomcat_jmx'] - name: Start all the tomcat instances ansible.builtin.service: name: 'tomcat-instance-{{ item.http_port }}' state: started sleep: 20 loop: '{{ tomcat_m_instances }}' when: - tomcat_first_install.changed | bool - tomcat_m_start_instances | bool tags: ['tomcat', 'tomcat_instances'] ignore_errors: true - name: Enable all the tomcat instances ansible.builtin.service: name: 'tomcat-instance-{{ item.http_port }}' enabled: true loop: '{{ tomcat_m_instances }}' when: tomcat_m_enable_instances | bool tags: ['tomcat', 'tomcat_instances']